Adam Cartwright, CISO at Australia Post explains how the organisation is strengthening cyber resilience, prioritising leadership, and reinforcing the basics to defend against today’s threats.

He stepped into a role that touches every Australian household.

With more than 4,500 post offices and a vital community mission, Australia Post is both a logistics giant and a government-owned enterprise.

Adam shared that the mission to serve communities strengthens the security culture across the workforce.

“Staff are very engaged. They are very aware of their community obligations. From a cyber security point of view, that translates into enthusiasm to support the mission.”

He spoke with ADAPT’s Content Lead Justina Uy about Australia Post’s community mission, lessons in resilience from global crises, and the fundamentals every CISO must get right.

 

Lessons in resilience from global crises

Reflecting on his time at American Express during the 9/11 attacks, Adam recalled flying into New York to restore critical banking systems.

He said the experience reinforced the importance of coordination and trust during emergencies.

“Communications is the most important thing to recover. If you can’t communicate, you can’t coordinate.”

 

Bringing executives into the journey

Adam explained that success in cyber resilience also depends on engaging executives and boards with practical risk conversations.

He noted that leaders are receptive when the discussion is grounded in real threats to operations and customer trust.

“As long as the conversation is pragmatic and about real risks, boards are very tuned in.”

 

Start with the basics, then test yourself

Asked what CISOs should prioritise under resource constraints, Adam stressed the value of doing the fundamentals well and ensuring they actually work in practice.

“Most breaches happen because the basics are done poorly. Essential Eight is always a good starting point.”

 

Cyber leadership means developing people

For Adam, resilience is also about cultivating the next generation of cyber professionals.

He pointed to the growing talent shortage and the need for investment in young practitioners.

“Leadership is about people. How do we develop the talent pipeline within our teams and in the community to support the future of cyber defence.”

Key takeaways

  • Anchor resilience in people, preparation, and clear communications.
  • Keep boards engaged with transparent, pragmatic risk dialogue.
  • Prioritise Essential Eight and test defenses against real adversary techniques.
  • Recognise cyber leadership as building talent pipelines and preventing burnout.
  • Treat resilience as both crisis response and long-term culture.
Contributors
Adam Cartwright CISO at Australia Post
A seasoned cybersecurity leader with extensive expertise in establishing and overseeing cybersecurity teams. A published author in the field of cybersecurity, notably... More

A seasoned cybersecurity leader with extensive expertise in establishing and overseeing cybersecurity teams. A published author in the field of cybersecurity, notably with the book ‘Ransomware: Enhancing Threat-Centric Cyber Defense’. Demonstrates strong leadership skills, fostering the growth of individuals within the industry.

Bringing a wealth of experience as an IT executive, adept at customizing security strategies according to specific industry sectors and threat landscapes. Proficiently manages security budgets spanning from $5 million to $160 million. Successfully established both in-house onshore and offshore security operations centers, collaborating with partner organizations to achieve robust security outcomes.

Possesses a rich background working with major global financial institutions such as American Express, Commonwealth Bank, ANZ Bank, as well as prominent players in the technology sector like IBM, and within the manufacturing vertical.

Less
Justina Uy Content Marketing Manager
Justina Uy is a data-driven content marketer that thrives on democratising elite know-how to empower Australia’s underdogs. Skilled at translating complex ideas... More

Justina Uy is a data-driven content marketer that thrives on democratising elite know-how to empower Australia’s underdogs.

Skilled at translating complex ideas into a compelling story across formats and channels, she shifts seamlessly between writing long-form articles, creating viral social media posts, and producing thumb-stopping videos.

Since 2015, Justina executes her vision through a sophisticated understanding of the rapidly evolving digital and business landscape to serve entertaining and educational insights to the executive community.

Less
security compliance management